github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/aws/ec2/no_secrets_in_user_data.cf.go (about)

     1  package ec2
     2  
// cloudFormationNoSecretsInUserDataGoodExamples holds CloudFormation templates
// that the "no secrets in user data" EC2 check is meant to accept.
//
// The single template defines an AWS::EC2::Instance whose UserData only exports
// SSM_PATH=/database/creds: a path-style reference, not a credential value.
// Presumably the instance resolves the real credential at boot from that path
// (the template itself does not show the lookup; confirm against the rule docs).
//
// Why the distinction matters: EC2 user data is not a secret store. It can be
// read from the instance metadata service by processes on the instance and by
// principals allowed to call ec2:DescribeInstanceAttribute, and it is kept in
// the template and stack history.
//
// NOTE(review): real templates normally wrap UserData in Fn::Base64, while this
// fixture uses a bare string. Confirm the scanner also inspects the encoded form.
var cloudFormationNoSecretsInUserDataGoodExamples = []string{
	`---
Resources:
  GoodExample:
    Type: AWS::EC2::Instance
    Properties:
      ImageId: "ami-79fd7eee"
      KeyName: "testkey"
      UserData: export SSM_PATH=/database/creds
      BlockDeviceMappings:
        - DeviceName: "/dev/sdm"
          Ebs:
            VolumeType: "io1"
            Iops: "200"
            DeleteOnTermination: "false"
            VolumeSize: "20"
        - DeviceName: "/dev/sdk"

`,
}
    23  
// cloudFormationNoSecretsInUserDataBadExamples holds CloudFormation templates
// that the "no secrets in user data" EC2 check is meant to flag.
//
// The single template matches the good example in every property except
// UserData, which exports DATABASE_PASSWORD with a literal value
// (password1234, a dummy value used only for this fixture). A credential placed
// there is exposed wherever the template or the instance's user data can be read.
//
// NOTE(review): the only signal exercised here is a plain-text
// NAME_PASSWORD=value assignment. Base64-encoded user data and other secret
// formats (access keys, tokens, private keys) are not covered by this fixture;
// confirm they are tested elsewhere.
var cloudFormationNoSecretsInUserDataBadExamples = []string{
	`---
Resources:
  BadExample:
    Type: AWS::EC2::Instance
    Properties:
      ImageId: "ami-79fd7eee"
      KeyName: "testkey"
      UserData: export DATABASE_PASSWORD=password1234
      BlockDeviceMappings:
        - DeviceName: "/dev/sdm"
          Ebs:
            VolumeType: "io1"
            Iops: "200"
            DeleteOnTermination: "false"
            VolumeSize: "20"
        - DeviceName: "/dev/sdk"

`,
}
    44  
// cloudFormationNoSecretsInUserDataLinks lists reference URLs for the
// CloudFormation variant of this check. It is empty in this version.
// NOTE(review): with no links, a finding presumably carries no
// CloudFormation-specific reference; confirm whether the rule definition
// supplies provider-level links instead.
var cloudFormationNoSecretsInUserDataLinks = []string{}
    46  
// cloudFormationNoSecretsInUserDataRemediationMarkdown is the remediation text
// for the CloudFormation variant of this check. It is an empty string in this
// version, so this file gives users no guidance on fixing a finding.
// NOTE(review): a short remediation would help, e.g. keep the credential in a
// secrets store and pass only a reference in UserData, as the good example's
// SSM_PATH export does.
var cloudFormationNoSecretsInUserDataRemediationMarkdown = ``